Job Description STRATEGIC STAFFING SOLUTIONS (S3) HAS AN OPENING. IT Security Risk Analyst Detroit, MI / Remote in EST/CST 6+ Months with extension W2 Contract engagement Job Description: Provides information security risk knowledge and serves as a specialist to identify, prioritize, and collaboratively mitigate cyber risk enterprise-wide. Responsible for the following: Plan, coordinate and conduct security risk assessments for information systems and third parties Compose reports, assessments, and other documents to provide decision support on information security risks and controls for executives, system owners and management Assess the likelihood and impact of adverse events and recommend effective controls and mitigations to management Research, analyze and report on the cybersecurity risk of doing business with third parties Facilitate the response and mitigation of third party security incidents Support the continuous improvement and implementation of Information Security Policies, Standards, Processes, and Procedures Contribute to the enhancement and implementation of the information security risks & controls library Perform control assessments to determine if cybersecurity controls are effective and in compliance with applicable requirements Establish and implement effective security awareness practices across the System, including training, phishing, and communications.
MINIMUM QUALIFICATIONS Bachelor's degree or an equivalent combination of education and experience. Minimum of three (3) years of progressive experience in Information Services including one (1) year in information security, including experience in compliance with federal and state security regulations Certified Information Systems Security Professional (CISSP), International Social Security Association (ISSA), Certified Information Systems Auditor (CISA) or equivalent Must possess a general understanding of enterprise security best practices relating to implementing and managing enterprise security solutions. Working knowledge of one or more information security regulations and/or frameworks; i.e
HIPAA, ISO 27001/2, FISMA, FIPS, and NIST security. Experience with administrative and technical assessments as well as enforcing organizational *Beware of scams. S3 never asks for money during its onboarding process.